test: skip TEST-43-PRIVATEUSER-UNPRIV if unprivileged userns is restricted

With newer versions of AppArmor, unprivileged user namespace creation
may be restricted by default, in which case user manager instances will
not be able to apply PrivateUsers=yes (or the settings which require it).

This can be tested with the kernel.apparmor_restrict_unprivileged_userns
sysctl.
Nick Rosbrook 2024-01-12 14:02:17 -05:00 committed by Yu Watanabe
parent 7a10e25a41
commit fec0d508a2


@ -6,6 +6,11 @@ set -o pipefail
# shellcheck source=test/units/util.sh
. "$(dirname "$0")"/util.sh
if [[ "$(sysctl -ne kernel.apparmor_restrict_unprivileged_userns)" -eq 1 ]]; then
echo "Cannot create unprivileged user namespaces" >/skipped
exit 0
fi
systemd-analyze log-level debug
runas testuser systemd-run --wait --user --unit=test-private-users \
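Review bot: the `if` condition added before `systemd-analyze log-level debug` depends on two implicit behaviours: `sysctl -ne` printing nothing when kernel.apparmor_restrict_unprivileged_userns does not exist, and `[[ "" -eq 1 ]]` treating the empty string as 0. That works, but it is not obvious to a reader. A string comparison (`== "1"`) or a one-line comment above the check stating that a missing key means no restriction would make the intent explicit. The message written to /skipped could also name AppArmor and the sysctl, so the skip reason is clear from the test results alone.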